Cybersecurity Incident Response Analyst II at Banner Health
Minnesota, Minnesota, USA
Full Time


Start Date

Immediate

Expiry Date

30 Nov, 25

Salary

65.0

Posted On

01 Sep, 25

Experience

4 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Communications, Scripting, Technical Proficiency, Storage, Bash, Infrastructure, Security Operations Center, Operations, Critical Thinking, Enterprise, Assessment Tools, Automation, Technical Competence, SIEM, Computer Science, Security Tools, Linux, GCIA, Virtualization

Industry

Information Technology/IT

Description

POSITION SUMMARY

This position helps secure Banner’s computing environment against both insider and outsider threats. The incumbent will utilize Banner’s various security tools and processes to complete real-time monitoring & alert triage, log correlation analysis, incident analysis & response, intrusion detection, cloud security, trade craft analysis, traffic analysis, malware analysis, forensic artifact handling & analysis, and blue teaming. The incumbent will work collaboratively to develop new procedures and runbooks.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, cybersecurity and/or computer science as normally obtained through the completion of a bachelor's degree.
Must possess knowledge as normally obtained through four years of experience as a cybersecurity operations center analyst, participating in 24/7 incident response.
Experience working within a Security Operations Center, including an in-depth understanding of cyber incident response and the ability to effectively triage security events.
Strong understanding of system, network, and/or application security, Linux, virtualization, and networking concepts.
Technical proficiency in SIEM (Security Information and Event Management) tools, such as Splunk.
Strong technical proficiency in Endpoint Detection and Response security tools, CASB (Cloud Access Security Broker) tools, and DLP (Data Loss Prevention) solutions.
Knowledge of using enterprise-managed antivirus and encryption tools.
Strong technical competence up and down the technology stack: user interface, applications, communications, infrastructure, database, network, storage, etc.
Strong communication skills to work with both a collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.).
Must possess strong critical thinking, analytical, troubleshooting and problem-solving skills.
Must be a team player with the ability to work autonomously.
Ability to prioritize and reprioritize work as required.
Experience with vulnerability assessment tools and processes, and experience leveraging their output to support incident handling.
Technical proficiency in creating and updating standard operating procedures.
Ability to work calmly under pressure in the face of adversity and threat activity.
Ability to establish positive working relationships and garner influence with other teams and team members.
Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology.
A collaborative attitude and strong desire to succeed as part of the team.
Self-motivated with a strong passion for learning.
Knowledge of the MITRE ATT&CK Framework and the Lockheed Martin Cyber Kill Chain.
Knowledge of security threats and attack countermeasures.
Experience automating tasks through scripting or programming with Bash, Python, Perl, etc.

PREFERRED QUALIFICATIONS

GIAC Continuous Monitoring Certification (GMON).
GIAC Certified Incident Handler (GCIH).
GIAC Certified Intrusion Analyst (GCIA).
Additional related education and/or experience preferred.

Responsibilities

Please refer to the job description for details.